Application-based data encryption system and method thereof

US 20050278527A1
Filed: 11/04/2004
Published: 12/15/2005
Est. Priority Date: 06/10/2004
Status: Active Grant

First Claim

Patent Images

1. An application-based data encryption method, implemented in an operating system, comprising:

encrypting data opened by an application utilizing an encryption key in response to system calls received for storing the data; and

decrypting data requested by the application utilizing a decryption key in response to system calls received for reading the data.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An application-based data encryption method implemented in an operating system. When receiving system calls for writing data opened by an application, the operating system encrypts the data utilizing an encryption key. When receiving system calls for reading data requested by the application, the operating system decrypts the data utilizing a decryption key. The encryption key and the decryption key may be the same key or two different keys.

60 Citations

View as Search Results

18 Claims

1. An application-based data encryption method, implemented in an operating system, comprising:
- encrypting data opened by an application utilizing an encryption key in response to system calls received for storing the data; and
  
  decrypting data requested by the application utilizing a decryption key in response to system calls received for reading the data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as claimed in claim 1, further comprising:
    - assigning the application an secure state;
      
      determining whether the application is assigned the secure state; and
      
      performing encryption and decryption when the application is assigned the secure state.
  - 3. The method as claimed in claim 1, wherein the encryption key and decryption key comprise the same keys.
  - 4. The method as claimed in claim 1, wherein the encryption key and decryption key are different keys.
  - 5. The method as claimed in claim 2, further comprising utilizing a administrative authority to acquire the encryption key or the decryption key.
  - 6. The method as claimed in claim 2, further comprising recording designation information in an executable file of the application using a program security utility, wherein the designation information states that the application is in the secure state.
  - 7. The method as claimed in claim 6, wherein the program security utility is a part of the operating system, an application for secure state designation, or a part thereof.
  - 8. The method as claimed in claim 1, wherein identification of the application, the encryption key, and the decryption key are stored in a cipher text record.

9. An application-based data encryption system, comprising:
- an operating system comprising a crypto driver, wherein the crypto driver encrypts data opened by an application utilizing an encryption key when the operating system receives system calls for storing the data; and
  
  the crypto driver decrypts data requested by the application utilizing a decryption key when the operating system receives system calls for reading the data.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 10. The system as claimed in claim 9, further comprising a program security utility assigning the application an secure state, wherein the operating system determines whether the application is in the secure state, and the crypto driver performs encryption and decryption when the application is in the secure state.
  - 11. The system as claimed in claim 9, further comprising a key generating model generating the encryption key or the decryption key.
  - 12. The system as claimed in claim 11, wherein the encryption key and decryption key comprise the same key.
  - 13. The system as claimed in claim 11, wherein the encryption key and decryption key are different keys.
  - 14. The system as claimed in claim 10, wherein the operating system requires that the program security utility must utilize an administrative authority to assign the application the secure state, and the program security utility utilizes the administrative authority to assign the application the secure state.
  - 15. The system as claimed in claim 10, wherein the program security utility assigns the application the secure state by recording designation information in an executable file of the application, assigning the secure state.
  - 16. The system as claimed in claim 9, wherein identification of the application, the encryption key, and the decryption key are stored in a cipher text record.
  - 17. The system as claimed in claim 10, wherein identification of the application, the encryption key, and the decryption key are stored in a cipher text record, and the operating system further retrieves the cipher text record to determine whether the application is in the secure state or acquire the encryption or decryption keys.
  - 18. The system as claimed in claim 10, wherein the program security utility is a part of the operating system, an application for secure state designation, or a part thereof.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
A10 Networks Incorporated
Original Assignee
Industrial Technology Research Institute
Inventors
Liao, Wen-Chiuan, Shi, Jun-Bin

Granted Patent

US 7,596,695 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/165
CPC Class Codes

G06F 21/6209 to a single file or object,...

Application-based data encryption system and method thereof

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

60 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Application-based data encryption system and method thereof

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links